Situation
I recently deployed some applications using Intune MAM for managing BYOD Android personal devices. Two applications were Keeper Password Manager or Zoom had a problem signing because it use SSO via Microsoft Azure AD and Google.
When the user enters an email address to sign in, goes to SSO Connect and gets “No available apps. There are no apps on this device that your organization allows to open this content. Contact your IT administrator for help.”
Microsoft Documentation Error messages and dialogs on Android
When you read the error on MS website link above, you see the cause:
The user tried to open work or school data with another app, but Intune cannot find any other managed apps that are allowed to open the data
Remediation
However, the remediation does not tell how to fix or is not very clear what to do.
Make sure an Android app protection policy is deployed to the user’s security group and targets at least one other MAM-enabled app that can open the data in question.
Problem
The problem is the Intune App Protection policy does not allow the app to send data to other apps, as a result, it does not allow to sign via SSO.
Solution
To allow apps like Keeper Password Manager and Zoom to pass data to another app, such SSO Connect, you have to exempt the app Intune App Protection.
- Go Endpoint Manager Admin Center
- Go to Apps > App Protection policies
- Select and Edit the Properties of your Android MAM Policy
- Edit “data protection” section
- Select Apps to Exempt
- In Exempt Apps, I added MS Authenticator and Keeper Password Manager
- For Name, it can be anything and for the Value or package ID, you can this from the Google Play store
- Go to Google Play Store, find the app URL, and look for the value after ID, e.g., com.callpod.android_apps.keeper
- Click OK to save and confirm it there.
- Wait for 20-60 mins for the policy to take effect and test it
Summary
The application protection policy is good to keep data more secure, however, it is important to test the impact of the policy.
You can learn more on Android app protection policy settings – Microsoft Intune | Microsoft Docs.
Updated: Jan 22, 2023
If this article is helpful, please subscribe and if you like help for your organization, contact us below.
Our IT support and Help Desk team can provide live answers by phone, email, and remote assistance. We offer a range of computer services and IT support, helping with hardware, software, and how-to issues so your staff can continue to get work done.
This service includes ongoing security overwatch for your business, including vulnerability scanning and software updates, next-gen anti-virus and anti-malware protection, follow-me firewall, security awareness training for employees, and data backup protection from ransomware. We also specialize in data recovery, ensuring your critical information is safe and retrievable.
We can provide various services regarding Microsoft 365 and cloud-related items. They include migration from other email services (GoDaddy, Google Workspace, Intermedia, POP3) to Microsoft 365, hardening email and cloud storage, or software license management. We also provide Azure services, such as virtual machines or virtual desktops, and management services to help businesses monitor and manage their IT infrastructure. Additionally, we offer expertise in developing and maintaining network infrastructure to ensure reliable connectivity.
If you are considering a new phone system, a VoIP phone system is an excellent option compared to using a personal cell phone or traditional landline because it is more flexible and saves time and money. We offer competitive prices and better customer services compared to larger providers like RingCentral, Comcast, AT&T, or 8×8 because we focus on small businesses. We can also migrate your phone systems to our managed phone services, where you have live support and a cost-effective, enterprise-class solution that’s easy to use and manage. Our security solutions provide confidence by protecting your business from digital threats.
One of the biggest threats to your business is the risk of losing your data. We recommend backing up your data on your servers, computers, and cloud applications such as Microsoft 365 Email, SharePoint, OneDrive, and QuickBooks. Support companies like ours offer reliable support services to ensure your data is always protected.
Look for a backup solution that stores your file offsite and is “immutable” so you can restore your files from accidental deletion or theft, fire or human error, and, importantly, from an attacker who holds your data for ransom. Our technical support team is ready to assist with any issues that arise, ensuring your data is safe and your systems are running smoothly. Immutable backup means attackers or cyber criminals cannot delete the data stored in the cloud or offsite.